Ian Curry is the Vice President and Chief Marketing Officer of Entrust. By delivering enhanced Internet security capabilities built on identification, entitlements, verification, privacy, and security management, Entrust enables customers in key market sectors, including financial, government, health care, and Global 1000 enterprises, to conduct high-value, highly sensitive transactions over the Internet.
Entrust knows a lot about protecting corporate resources accessed over a WLAN. The Entrust Secure WLAN Solution provides strong identification of users and devices (through the issuance of digital identities) helping to mitigate the risk of attackers and misuse.
What events in the wireless security market have marked this year?
According to Gartner’s Dataquest, Wireless LAN equipment shipments are on pace to grow 73% in 2002 and revenues are set to grow 26%. And, Gartner believes that growth will continue through 2003. In today’s economy, those are very impressive statistics. I would say the most significant “event” in the wireless LAN security market is the growth in wireless LAN use despite security issues, such as WEP encryption weaknesses (which were discovered in 2001).
Warchalking, Wardriving, Warspamming – these are just some of the terms we see frequently in the news. Do you see these actions as a real problem or is it just the media making things bigger than they are?
These actions are serious. If organizations don’t protect access to and data transmitted over wireless networks, they can be assured that a breach of their information and systems will occur. And, these breaches can lead to very serious damage to an organization’s brand, with a consequent loss of customers and revenue. When proper protection of wireless LANs is not difficult to achieve (e.g., primarily through the use of certificate-based authentication to VPNs), customers will question the abilities and overall IT security policies and practices of organizations whose wireless LANs are breached.
The media is doing organizations and individuals a huge service by ensuring they understand the vulnerabilities (and benefits) of wireless LAN technologies.
Will there be a slowdown in acceptance of wireless technology in the corporate environment in 2003 because of increased security concerns?
I do not believe there will be a slowdown because of increased security concerns. There are excellent methods available to protect wireless LANs access and data transmission. As mentioned above, we believe the best way to secure wireless LANs is through the use of certificate-based authentication (augmented with the use of smart cards or other token technology, if desired) to VPNs. The certificate-based authentication ensures strong user identification that avoids the numerous security issues involved in using weak passwords to identify WLAN users. And, the VPN technology provides an additional layer of data encryption on top of the native wireless LAN encryption, known as WEP (Wireless Encryption Protocol).
What are your predictions for the future when it comes to wireless security?
My predictions are as follows:
1) Organizations that use wireless LANs without appropriate protection will have their systems and information breached. These breaches will lead to a loss of brand equity and very likely the loss of customers and partners.
2) Organizations that properly protect their wireless LANs will reap the benefits of the technology — improved productivity and decreased networking costs (both for administration and wiring)
3) Wireless LAN growth in Europe will catch up and being to outstrip growth in North America in 2004 (my anecdotal understanding, from talking with media in Europe, is that use of wireless LANs in Europe is low today)
4) Wireless LAN technology will be used as a key communications technology in emergency response situations (e.g., in response to terrorist attacks, etc …)